To get started with AWS WAF, create a web access control list (web ACL) that defines which web requests you want to block and which ones you want to allow. For information about creating a web ACL, see the AWS WAF Developer Guide.